Phoenix LiveDashboard with Content Security Policy (CSP)

If your Phoenix application enforces CSP rules, and you try to deploy the Phoenix LiveDashboard in production, you will probably get something like this: In my case, inline CSS is not loaded because of the style-src CSP rule I had to enforce on the project: style-src 'self'; This means that all unsafe inline CSS code is disabled by the browser. Unfortunately, the Phoenix LiveDashboard uses inline CSS, and that’s not something I can change....

January 17, 2023 · 3 min · Francis Chabouis